[57] ABSTRACT

In an information processing system having an upper rank apparatus and an external storage device which performs transmission and reception of data between the storage device and the upper rank apparatus, at least one of encryption and decryption of the data by use of an algorithm controlled by a desired data key is performed in the external storage device, while generation, encryption and decryption of the data key are performed on the upper rank apparatus side. By this configuration, the burden of the upper rank apparatus is largely reduced and the secrecy of data stored in the external storage device can be surely kept without spoiling the throughput of the whole system.

15 Claims, 3 Drawing Sheets

[Drawing sheets FIG. 1, FIG. 2 and FIG. 3 not reproduced]

FILE ENCRYPTION METHOD AND FILE CRYPTOGRAPHIC SYSTEM

BACKGROUND OF THE INVENTION

1. Field of the Invention 

The present invention relates to a file cryptographic technique and particularly relates to a technique suitable for maintaining secrecy of, for example, data files in an external storage device of a computer system, or the like.

2. Description of the Related Art 

Recently, as computer systems have been made large in scale and arranged in a network, opportunities for a number of persons to access one system increase. Accordingly, a cry for increased security in the management of data files has risen to cause an important technical problem in this field.

In such a background, also with respect to an external storage device of a computer system which conducts recording and reproducing of a large quantity of data, there have been proposed secrecy keeping techniques which involve encrypting of the data files.

For example, Japanese Patent Laid-Open JP-A-54-87032 discloses a technique in which encryption and decryption of data are performed by a cryptographic device connected to an upper rank system (host) by way of a channel.

Specifically, in the disclosed technique, ordinary data transmitted to the cryptographic device of the upper rank system is encrypted into completely meaningless data based on a predetermined algorithm using a key and the encrypted data is transmitted to an external storage device so as to be written in a recording medium. In a data reading-out operation, a procedure reverse to that described above is taken so that the decryption of the data is performed at the upper rank system side.

An algorithm for controlling data encryption and decryption by using a key, for example, is disclosed in Japanese Patent Laid-Open JP-A-52-130505.

By delivery and reception of the key, it is possible that a medium carrying encrypted data formed in one system and recorded therein is transported into another system so that the encrypted data is read out and decrypted in the other system.

In the prior system described above, however, when data is written into the external storage device, a procedure is followed in which the data is first transmitted to the cryptographic device connected to the channel so as to be encrypted therein, and after encryption, the encrypted data is read out again from the cryptographic device, and then the encrypted data is written into the external storage device. Accordingly, there arises a problem that the channel and the cryptographic device connected to the channel become a bottleneck for data input/output processing so that the throughput, that is, data transmission capability per unit time, between the channel and various external storage devices connected to the channel is lowered.

Further, in the case where data is encrypted in accordance with an algorithm controlled by using a key as disclosed in the latter conventional technique, any person or any system who or which can learn the contents of the key can read the data by decrypting the data. That is to say, the secrecy of data encrypted in accordance with an algorithm using a key solely depends on the management of the key. Accordingly, in order to ensure a high-degree of secrecy of a data encryption file system using a key, it is an indispensable condition to strictly manage the key, for example, by converting the key into a more complicated cryptograph.

SUMMARY OF THE INVENTION 

It is therefore an object of the present invention to provide a file encryption method in an information processing system, in which a high level of security of data delivered and received between an upper rank (host) apparatus and an external storage device can be realized without degrading the throughput of the system.

It is another object of the present invention to provide a file cryptographic system in an information processing system, in which a high degree of security of data delivered and received between an upper rank apparatus and an external storage device can be realized without degrading the throughput of the information processing system.

It is a further object of the present invention to provide a file cryptographic system, in which the secure performance of the whole system is improved by ensuring a high level of security of a key for controlling a data encryption algorithm.

It is a still further object of the present invention to provide a file cryptographic system, in which efficient use of an external storage device through data compression and security of data secrecy through encryption are compatible with each other.

It is another object of the present invention to provide a file cryptographic system, in which management of a data key and data encrypted by this data key can be performed safely and easily.

The above and other objects and novel features of the present invention will become apparent from the description of this specification and accompanying drawings.

In order to attain the above objects, according to an aspect of the present invention, the file encryption method in an information processing system having a hierarchically arranged upper rank apparatus and an external storage device which performs delivery and reception of data between the storage device and the upper rank apparatus, is featured in that at least one of encryption and decryption of the data in accordance with an algorithm controlled by a desired data key is performed in the external storage device, and generation, encryption and decryption of the data key are performed in the upper rank apparatus side.

According to another aspect of the present invention, the file cryptographic system comprises an upper rank apparatus, a cryptographic device connected to the upper rank apparatus, and an external storage device provided with at least one of functions of encryption and decryption of data delivered and received between the storage device and the upper rank apparatus.

According to the file encryption method of the present invention as described above, the upper rank apparatus does not take part in troublesome processing, such as ordinary data encryption and decryption, so that the burden of the upper rank apparatus due to data encryption and decryption can be largely reduced and the secrecy of data stored in the external storage device can be securely maintained without degrading the throughput of the whole system.

According to the file cryptographic system of the present invention, the encryption and decryption of data delivered and received between the external storage device and the upper rank apparatus are performed, for example, by encryption and decryption functions provided in the external storage device in accordance with an algorithm controlled by a desired raw data key, while the encryption and decryption of the raw data key to be used by the external storage device are performed by the cryptographic device connected to the upper rank apparatus. Accordingly, it becomes unnecessary for the upper rank apparatus to take part in troublesome processing such as ordinary data encryption and decryption, so that the burden of the upper rank apparatus due to data encryption and decryption can be largely reduced and the secrecy of data stored in the external storage device can be securely maintained without degrading the throughput of the whole system.

Further, the raw data key which is used for data encryption and decryption and which has an influence on the performance of data secrecy operations is converted into a high-degree and complicated cryptograph [illegible] Accordingly, the secrecy keeping performance of the whole system can be maintained at a high degree.

Generally, the redundancy of data is lost by encryption. In the case of the present invention, however, data transmitted into the external storage device from the upper rank apparatus is subjected to a data compression processing in the external storage device prior to the encryption of the data, so that reduction of a large quantity of data can be realized by the effective data compression, in the same manner as an ordinary case where data encryption is not performed, whereby the efficient use of the external storage device through data compression and secure maintenance of data secrecy through encryption can be made compatible with each other.

Further, by complicatedly encrypting the data key in the cryptographic device on the upper rank apparatus side, the data key and ordinary data encrypted by the data key in the external storage device can be safely stored together in one and the same recording medium so that the management of the data key and data encrypted by the data key can be performed safely and easily.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram showing an example of the file cryptographic system as an embodiment of the present invention;

FIG. 2 is an explanatory block diagram showing an example of the operation of the file encryption method and the cryptographic system according to another embodiment of the present invention; and

FIG. 3 is an explanatory block diagram showing an example of the operation of the file encryption method and the cryptographic system as a further embodiment of the present invention.

DETAILED DESCRIPTION OF THE EMBODIMENTS

Referring to the accompanying drawings, an example of the file encryption method and the file cryptographic system which are embodiments of the present invention will be described in detail hereunder.

FIG. 1 is a block diagram showing an example of the configuration of the file cryptographic system according to the embodiment, and FIGS. 2 and 3 are explanatory diagrams showing examples of the operation of the file encryption method and the file cryptographic system as the embodiments of the invention.

First, referring to FIG. 1, the configuration of the file cryptographic system of the embodiment will be described.

In the following, as an example of an external storage device constituting the file cryptographic system, the description will refer to a magnetic tape subsystem.

For example, in an information processing system, such as a computer system, a hierarchically arranged upper rank apparatus (host) 1 is constituted by a central processing unit, etc. The upper rank apparatus 1 is connected by way of a channel (not shown) for performing [illegible] input/output operation from/to the [illegible] of the upper rank apparatus, and a magnetic tape device 12 is connected to this channel through a magnetic tape control device 2.

The magnetic tape control device 2 operates to control [illegible] information between the [illegible] and the magnetic tape device 12 operates information recording/reproducing on/from a medium, such as a magnetic tape.

[illegible] described later is connected to the upper rank apparatus 1 through the channel.

The magnetic tape control device 2 includes a microprocessor 9 which operates to perform overall control in accordance with a program stored in a control memory [illegible], a channel interface control section 3 which operates as a slave of the upper rank apparatus 1 to control the delivery/reception of information to/from the upper rank apparatus 1, and a device interface control section 7 which operates to control the delivery/reception of information to/from the magnetic tape device 12.

Further, between the channel interface control section 3 and the device interface control section 7, there are provided in order a compression circuit 4 which performs processing, such as compression/expansion of data delivered and received between the upper rank apparatus 1 and the magnetic tape device 12, and a buffer 6 which stores the data temporarily.

This buffer 6 is constituted, for example, by a semiconductor memory, etc. and interposed between the upper rank apparatus 1 which operates at a high speed and the magnetic tape device 12 which operates at a relatively low speed so that the buffer 6 constitutes a well known storage hierarchy so as to temporarily store the data delivered and received between the upper rank apparatus 1 and the magnetic tape device 12 to thereby absorb a large difference in speed between the upper rank apparatus 1 and the magnetic tape device 12 to improve the efficiency in data transmission between the two.

In this case, a cryptographic adapter 5 and a data key storage mechanism 8 accessed by this cryptographic adapter 5 are provided between the compression circuit 4 on the channel interface control section 3 side and the buffer 6 on the device interface control section 7 side. This cryptographic adapter 5 is arranged to perform encryption and decryption of the data delivered and received between the upper rank apparatus 1 and the magnetic tape device 12 in accordance with a desired algorithm controlled by a raw data key which is set in the data key storage mechanism 8 in a manner as described later.

That is, in the case of this embodiment, the data transmitted from the upper rank apparatus 1 so as to be stored in the magnetic tape device 12 is first compressed in the compression circuit 4 then encrypted in the cryptographic adapter 5, and then written in the magnetic tape device 12 through the buffer 6 and the device interface control section 7.

When the encrypted data stored in the magnetic tape device 12 is to be read out, on the other hand the target encrypted data is read out from the magnetic tape device 12 into the buffer 6 through the device interface control section 7, decrypted in the cryptographic adapter 5, expanded in the compression circuit 4 and then transmitted to the upper rank apparatus 1 through the channel interface control section 3.

Now, referring to FIGS. 2 and 3, the operation of the file cryptographic system of this embodiment will be described hereunder.

First, an example of the operation of writing data transmitted from the upper rank apparatus 1 into the magnetic tape device 12 will be explained.

The upper rank apparatus 1 generates a raw data key necessary for the magnetic tape control device 2 to perform encryption/decryption of data delivered and received between the upper rank apparatus 1 and the lower rank magnetic tape device 12. The upper rank apparatus 1 gives the generated raw data key to the data key cryptographic device 11 and instructs the latter to perform data encryption thereon.

It is a matter of course that the generation of the raw data key is not limited to the upper rank apparatus 1, but the raw data key may be generated in the data key cryptographic device 11 in accordance with the instruction given from the upper rank apparatus 1.

Upon reception of the instruction, the data key cryptographic device 11 performs complicated and high-degree encryption of the raw data key to thereby generate an encrypted data key.

Next, the upper rank apparatus 1 reads out the encrypted data key from the data key cryptographic device 11 through the channel or the like and gives an instruction to the magnetic tape device 12 through the magnetic tape control device 2 so as to cause the magnetic tape device 12 to write the encrypted data key into a header portion or the like at the beginning of an ordinary data recording area in the magnetic tape medium mounted in the magnetic tape device 12.

Further, the upper rank apparatus 1 sends out the raw data key to the magnetic tape control device 2 and, at the same time, gives an instruction to the microprocessor 9 of the magnetic tape control device 2 so that the microprocessor 9 sets the raw data key in the data key storage mechanism 8.

Not limited specifically, in the data key cryptographic device 11, when a raw data key to be set in the magnetic tape control device 2 is generated and sent out, the raw data key may be encrypted to an extent that the cryptograph can be decrypted in the cryptographic adapter 5 of the magnetic tape control device 2 so that the raw data key is set in the data key storage mechanism 8 after being completely decrypted in the magnetic tape control device 2.

After the magnetic tape control device 2 has set the received raw data key in the data key storage mechanism 8, the upper rank apparatus 1 sends out write data to the channel interface control section 3 of the magnetic tape control device 2 through the channel.

For example, in the case where data compression is performed, data received by the channel interface control section 3 is transferred to the compression circuit 4 according to the instruction from the microprocessor 9 so that the data is subjected to compression processing in accordance with a desired algorithm.

Thereafter, the compressed data is transferred to the cryptographic adapter 5 in accordance with an instruction from the microprocessor 9 so that the data is encrypted in accordance with a desired algorithm controlled by the raw data key which has been set in the data key storage mechanism 8 as described above.

Thus, the data successively subjected to compression processing and encryption are successively written into the magnetic tape medium mounted in the magnetic tape device 12 through the buffer 6 and the device channel interface control section 7.

After completion of predetermined write processing, the upper rank apparatus 1 gives an instruction to the magnetic tape control device 2 to reset the raw data key, and the microprocessor 9 of the magnetic tape control device 2 performs processing for erasing the raw data key set in the data key storage mechanism 8.

FIG. 2 shows an example of series of operations of the upper rank apparatus 1, the data key cryptographic device 11, and the magnetic tape control device 2 in data write processing under the condition that the operations are correlated with each other.

On the other hand, an example of the operation of reading the data encrypted and stored in the magnetic tape medium of the magnetic tape device 12 by the upper rank apparatus 1 is as follows.

First, the upper rank apparatus 1 gives an instruction to the magnetic tape control device 2 to read the header portion of the magnetic tape medium mounted in the magnetic tape device 12, in which the encrypted data key has been stored as described above.

In response to this instruction, the microprocessor 9 of the magnetic tape control device 2 reads, from the magnetic tape medium, the encrypted data key which has been written in the magnetic tape medium of the magnetic tape device 12 in a previous recording operation or the like.

Next, the upper rank apparatus 1 transfers the encrypted data key read in the magnetic tape control device 2 to the data key cryptographic device 11 through the channel and gives an instruction to the data key cryptographic device 11 to cause the latter to decrypt the encrypted data key to produce a raw data key.

In response to this instruction, the data key cryptographic device 11 decrypts the encrypted data key to thereby produce a raw data key.

The thus produced raw data key is transferred again to the magnetic tape control device 2 through the channel in accordance with an instruction of the upper rank apparatus 1 and the magnetic tape control device 2 sets this raw data key in the data key storage mechanism 8.

Not limited specifically, in the data key cryptographic device 11, when the encrypted data key is decrypted into a raw data key to be set in the magnetic tape control device 2, the encrypted data key may be decrypted to an extent that the resultant cryptograph can be decrypted in the cryptographic adapter 5 of the magnetic tape control device 2 so that the raw data key is set in the data key storage mechanism 8 after being completely decrypted into the raw data key in the magnetic tape control device 2.

Next, the upper rank apparatus 1 gives an instruction to the magnetic tape control device 2 to read-in the encrypted data which has been recorded on the magnetic tape medium mounted in the magnetic tape device 12.

In response to this instruction, the microprocessor 9 of the magnetic tape control device 2 gives a data read-out instruction to the device interface control section 7.

The data read out from the magnetic tape device 12 is first stored in the buffer 6, and then the cryptographic adapter 5 reads out the encrypted data from the buffer 6 and decrypts the encrypted data in accordance with an algorithm controlled by the raw data key which has been set in the data key storage mechanism 8.

Thereafter, if the thus decrypted data is data which has been subjected to compression processing, for example, in the recording operation, the microprocessor 9 makes the decrypted data pass through the compression circuit 4 so that the decrypted data is subjected to expansion processing so that the compressed data are restored to not-compressed data.

The restored data is sent to the upper rank apparatus 1 side through the channel interface control section 3 in accordance with an instruction from the upper rank apparatus 1.

Upon completion of the series of data read-in processing operations from the magnetic tape medium of the magnetic tape device 12 by the upper rank apparatus 1, the magnetic tape control device 2 resets or erases the raw data key which has been set in the data key storage mechanism 8 of the magnetic tape control device 2, in accordance with an instruction from the upper rank apparatus 1.

FIG. 3 shows an example of a series of operations of the upper rank apparatus 1, the data key cryptographic device 11, and the magnetic tape control device 2 in the processing of data read-in from the magnetic tape device 12 in the condition that the operations are correlated with each other.

As described above, according to the file encryption method and the file cryptographic system in this embodiment, the encryption of data to be recorded/reproduced onto/from a magnetic tape medium of the magnetic tape device 12 is performed by the cryptographic adapter 5 and the data key storage mechanism 8, which are provided in the magnetic tape control device 2, in accordance with a desired algorithm controlled by a raw data key set in the data key storage mechanism 8. Accordingly, it is not necessary to cause the upper rank apparatus 1 to take a part in troublesome processing of ordinary data encryption/decryption, so that an increase of the burden on the upper rank apparatus 1 in connection with data security can be suppressed.

As a result, in the system, a high-degree of secrecy of data can be realized without degrading the property such as throughput and the like in the upper rank apparatus 1.

Further, since the encryption/decryption of a raw data key to be used for control of the encryption/decryption of data in the magnetic tape control device 2 is independently performed in the data key cryptographic device 11 connected to the upper rank apparatus 1, it is possible to strictly manage the raw data key which is important for data security keeping by applying more complicated and high-degree processing to the raw data key than the case of ordinary data without any possibility of reduction of throughput and the like in the upper rank apparatus 1 to thereby realize a file cryptographic system having a high-degree of secrecy.

Further, since data compression processing is performed prior to data encryption in the magnetic tape control device 2 as occasion demands, it is possible to compress the data with a high compression rate the same as that in an ordinary case before the data loses redundancy through encryption, so that efficient use, owing to the data compression, of the magnetic tape medium mounted in the magnetic tape device 12 and the security of a high-degree of data-secrecy can be made compatible.

Further, by the complicated encryption of a raw data key by means of the data key cryptographic device 11, the encrypted raw data key and ordinary data encrypted on the basis of the raw data key can be safely stored in one and the same recording medium.

As a result, for example, in the case where a large quantity of data is to be stored for a long period after being encrypted, in the case where encrypted data is to be used in a plurality of specified information processing facilities through delivery and reception therebetween, and so on, the data key management can be performed safely and easily.

In the foregoing, the invention attained by the inventor of this application has been described with respect to some embodiments thereof. The present invention is not however limited to the foregoing embodiments, but it is a matter of course that the embodiments may be changed or modified without departing from the scope of the invention.

For example, in the foregoing, although the case of a magnetic tape subsystem has been described as an example of the external storage device constituting the file cryptographic system, the external storage device is not limited to this, but may be any other external storage device.

The configuration of the magnetic tape subsystem for performing data encryption/decryption is not limited to that shown in the foregoing embodiments, but may be any other configuration so long as it can realize the same function.

The advantageous effects obtained by the typical features of the present invention are briefly summarized as follows.

That is, according to the present invention, the file encryption method in an information processing system having an upper rank apparatus and an external storage device which performs delivery and reception of data between the storage device and the upper rank apparatus has a feature in that at least one of encryption and decryption of the data by use of an algorithm controlled by a desired data key is performed in the external storage device, and generation, encryption and decryption of the data key are performed in the upper rank apparatus side. Accordingly, it is not necessary to cause the upper rank apparatus to take a part in troublesome processing of ordinary data encryption/decryption, so that an increase of the burden on the upper rank apparatus in connection with data security can be greatly reduced and the secrecy of data to be stored in an external storage device can be secured without degrading the throughput of the whole system.

According to the present invention, the file cryptographic system comprises an upper rank apparatus, a cryptographic device connected to the upper rank apparatus, and an external storage device provided with at least one of functions of encryption and decryption of data which are delivered and received between the storage device and the upper rank apparatus. Accordingly, for example, by causing the encryption and decryption functions provided in the external storage device to perform the encryption and decryption of data which is delivered and received between the storage device and the upper rank apparatus and by causing the cryptographic device connected to the upper rank apparatus to perform the encryption and decryption of a raw data key to be used by the external storage device, it becomes unnecessary to cause the upper rank apparatus to take part in troublesome processing such as encryption/decryption and the like of a large quantity of data, so that an increase of the burden on the upper rank apparatus in connection with data can be greatly reduced and the secrecy of data to be stored in the external storage device can be secured without degrading the throughput of the whole system.

Further, by converting the raw data key which is used for data encryption and decryption in the external storage device of data which has an influence on the performance of data security into high-degree and complicated cryptograph by means of the cryptographic device connected to the upper rank apparatus, the raw data key can be stored safely and surely and the secrecy of the whole system can be improved.

Further, by performing data compression processing in the external storage device prior to encryption of data supplied from the upper rank apparatus, that is, before the redundancy of the data is lost through encryption, reduction of a large quantity of data can be realized by the effective data compression in the same manner as in the case where encryption is not performed, so that efficient use, owing to the data compression, of the external storage device and a high level of security of data can be made compatible.

Further, by causing the cryptographic device on the upper rank apparatus side to perform complicated and high-degree encryption of the data key, the encrypted data key and ordinary data encrypted on the basis of the data key in the external storage device can be safely and easily stored in one and the same recording medium. That is, the data key and the data encrypted by the data key can be managed safely and easily.
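
The arrangement summarized above, as an added example that is not code from the patent: the host generates a raw data key, a separate key device encrypts it for the tape header, and the tape controller compresses and then encrypts the records, erasing the raw key afterwards. The SHA-256 keystream cipher, the HMAC tag on the encrypted data key, the dict used as a tape, and all class and function names are assumptions of this example; the patent names no algorithm.

```python
import hashlib
import hmac
import secrets
import zlib

# Constructed sample: highly redundant plaintext, like a fixed-format record file.
SAMPLE = b"ACCOUNT=000123;STATUS=OK;" * 400


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in for the patent's unspecified "desired algorithm": XOR with a
    SHA-256 counter-mode keystream. Illustrative only, not a vetted cipher."""
    stream = bytearray()
    for counter in range((len(data) + 31) // 32):
        stream += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
    return bytes(a ^ b for a, b in zip(data, stream))


class KeyCryptoDevice:
    """Data key cryptographic device 11: encrypts and decrypts raw data keys."""

    def __init__(self):
        master = secrets.token_bytes(32)  # assumption: never leaves this device
        self._enc = hashlib.sha256(b"enc" + master).digest()
        self._mac = hashlib.sha256(b"mac" + master).digest()

    def wrap(self, raw_key: bytes) -> bytes:
        nonce = secrets.token_bytes(16)
        body = keystream_xor(self._enc, nonce, raw_key)
        # The integrity tag is an addition of this example, not a patent feature.
        tag = hmac.new(self._mac, nonce + body, hashlib.sha256).digest()
        return nonce + body + tag

    def unwrap(self, wrapped: bytes) -> bytes:
        nonce, body, tag = wrapped[:16], wrapped[16:-32], wrapped[-32:]
        expected = hmac.new(self._mac, nonce + body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            raise ValueError("encrypted data key failed its integrity check")
        return keystream_xor(self._enc, nonce, body)


class TapeController:
    """Magnetic tape control device 2 (compression circuit 4, cryptographic
    adapter 5, data key storage mechanism 8)."""

    def __init__(self):
        self._key = None  # data key storage mechanism 8

    def set_key(self, raw_key: bytes) -> None:
        self._key = raw_key

    def reset_key(self) -> None:
        self._key = None

    def key_loaded(self) -> bool:
        return self._key is not None

    def write(self, tape: dict, data: bytes) -> None:
        if self._key is None:
            raise RuntimeError("no raw data key set")
        nonce = secrets.token_bytes(16)
        # Compress first, while the data still has redundancy, then encrypt.
        body = keystream_xor(self._key, nonce, zlib.compress(data))
        tape["records"].append(nonce + body)

    def read(self, tape: dict, index: int) -> bytes:
        if self._key is None:
            raise RuntimeError("no raw data key set")
        record = tape["records"][index]
        return zlib.decompress(keystream_xor(self._key, record[:16], record[16:]))


def host_write(device, controller, tape, data):
    """Write flow: host generates the key, device 11 encrypts it, controller encrypts data."""
    raw_key = secrets.token_bytes(32)
    tape["header"] = device.wrap(raw_key)  # encrypted data key shares the medium
    controller.set_key(raw_key)
    try:
        controller.write(tape, data)
    finally:
        controller.reset_key()  # erase the raw key once the write is done


def host_read(device, controller, tape, index=0):
    """Read flow: header -> device 11 decrypts key -> controller decrypts and expands."""
    controller.set_key(device.unwrap(tape["header"]))
    try:
        return controller.read(tape, index)
    finally:
        controller.reset_key()


def stored_size(data: bytes, key: bytes, compress_first: bool) -> int:
    """Bytes on the medium for the two possible orderings of the same two steps."""
    nonce = bytes(16)  # fixed nonce is acceptable here: only the size is compared
    if compress_first:
        return len(keystream_xor(key, nonce, zlib.compress(data)))
    return len(zlib.compress(keystream_xor(key, nonce, data)))
```

Calling `stored_size` with `compress_first=False` shows why the order matters: ciphertext has no redundancy left, so compressing after encryption saves nothing.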

We claim: 

1. A file encryption method for use in an information 
processing system having a hierarchically arranged 
upper rank apparatus and aa external storage device, 
which method controls transmission and reception of 50 
data between said storage device and said upper rank 
apparatus, comprising the steps of: 

performing in said external storage device at least one 
of encryption of data received from said upper rank 
apparatus for storage in said external storage de- 55 
vice and decryption of data stored in said external 
storage device and requested by said upper rank 
apparatus, using an algorithm controlled by a data 
key; and 

performing generation, encryption and decryption of 60 
said data key in said upper rank apparatus. 

2. A file cryptographic system comprising: 
an upper rank apparatus; 

a cryptographic device connected to said upper rank 
apparatus; and 65 

an external storage device, said external storage device
including means for performing at least one of
encryption of data received from said upper rank
apparatus for storage in said external storage device
and decryption of data stored in said external
storage device and requested by said upper rank 
apparatus; 

in which said cryptographic device performs encryp- 
tion and decryption of a raw data key, and said
means in said external storage device performs 
encryption and decryption of data based on said 
raw data key received from said upper rank appa- 
ratus. 

3. A file cryptographic system according to claim 2, 
in which, when decryption of said raw data key is per- 
formed in said cryptographic device, incomplete de- 
cryption is performed at an extent that the decrypted 
raw data key is breakable by the function of decryption
in said external storage device, so that final decryption
of said raw data key is performed in said cryptographic 
device. 

4. A file cryptographic system according to claim 2, 
in which, when said data transmitted from said upper 
rank apparatus is encrypted and recorded, the encryp- 
tion is performed after data compression processing. 

5. A file cryptographic system according to claim 2, 
in which a data key encrypted by the cryptographic 
device provided at said upper rank apparatus side and
ordinary data encrypted by said data key are stored in 
the same recording medium. 

6. A file cryptographic system comprising: 
an upper rank apparatus; 

a cryptographic device connected to said upper rank 
apparatus; and 

an external storage device, said external storage device
including means for performing at least one of
encryption of data received from said upper rank 
apparatus for storage in said external storage de- 
vice and decryption of data stored in said external 
storage device and requested by said upper rank 
apparatus; 

in which, when decryption of said raw data key is 
performed in said cryptographic device, incomplete
decryption is performed to an extent that the
decrypted raw data key is breakable by the func- 
tion of decryption in said external storage device, 
so that final decryption of said raw data key is
performed in said cryptographic device. 

7. A file cryptographic system comprising: 
an upper rank apparatus; 

a cryptographic device connected to said upper rank
apparatus; and 

an external storage device, said external storage de- 
vice including means for performing at least one of 
encryption of data received from said upper rank 
apparatus for storage in said external storage de- 
vice and decryption of data stored in said external 
storage device and requested by said upper rank 
apparatus; 

in which, when said data transmitted from said upper 
rank apparatus is encrypted and recorded, the en- 
cryption is performed after data compression pro- 
cessing. 

8. A file cryptographic system comprising:
an upper rank apparatus; 

a cryptographic device connected to said upper rank 
apparatus; and 

an external storage device, said external storage de- 
vice including means for performing at least one of 
encryption of data received from said upper rank 
apparatus for storage in said external storage device
and decryption of data stored in said external
storage device and requested by said upper rank
apparatus;

in which a data key encrypted by the cryptographic 
device provided at said upper rank apparatus side 
and ordinary data encrypted by said data key are 
stored in the same recording medium. 

9. A method of effecting secure storage of data in an 
external storage device by an upper rank apparatus via 
a storage controller, comprising the steps of: 

(a) generating a raw data key and encrypting the raw 
data key in said upper rank apparatus; 

(b) transferring the raw data key and the encrypted 
raw data key to said storage controller; 

(c) storing the raw data key in said storage controller 
and said encrypted raw data key in a selected stor- 
age location in said external storage device; 

(d) transferring raw data from said upper rank appa- 
ratus to said storage controller; 

(e) encrypting said raw data in said storage controller 
using the raw data key stored therein and storing 
said encrypted raw data in said selected storage 
location in said external storage device; and 

(f) erasing the raw data key stored in said storage
controller. 

10. The method as defined in claim 9, wherein said 
step (e) further includes compressing said raw data prior 
to the encrypting thereof. 

11. A method for an upper rank apparatus to access 
encrypted data stored with an encrypted data key in a 
storage location of an external storage device via a 
storage controller, comprising the steps of: 

(a) transferring the encrypted data key from said
storage location of said external storage device to
said upper rank apparatus via said storage controller
in response to a request by said upper rank
apparatus;

(b) decrypting the encrypted data key to produce a 
decrypted data key in said upper rank apparatus; 

(c) transferring the decrypted data key to said storage 
controller; 

(d) transferring said encrypted data from said storage 
location to said storage controller and decrypting 
said encrypted data to produce raw data based on 
decrypted data key in said storage controller; and 

(e) transferring said raw data to said upper rank appa- 
ratus. 

12. A method as defined in claim 11, wherein said
encrypted data stored in said storage location is com- 
pressed encrypted data, and said step (d) includes de- 
compressing the decrypted data to produce said raw 
data. 

13. A method as defined in claim 11, wherein said step
(b) includes partially decrypting said encrypted data 
key in said upper rank apparatus to produce said de- 
crypted data key, and said step (d) includes further 
decrypting said decrypted data key in said storage con- 
troller to produce a raw data key which is used to de- 
crypt said encrypted data. 

14. A method as defined in claim 13, wherein said step
(e) is followed by a step of (f) erasing the raw data key
in said storage controller. 

15. A method as defined in claim 11, wherein said
decrypted data key produced in step (b) is a raw data 
key. 
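
The write and read flows of claims 9 to 14, together with the compress-before-encrypt ordering from the description, as an added Python sketch that is not part of the patent. The `Host` and `StorageController` classes, `xor_stream` (a SHAKE-256 keystream standing in for the unspecified cipher) and the sample records are assumptions.

```python
import hashlib, os, zlib

def xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Stand-in cipher (assumption): SHAKE-256 keystream XOR, unauthenticated.
    # The patent names no such cipher; a real system would use a vetted AEAD.
    stream = hashlib.shake_256(key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

class Host:
    """Upper rank apparatus plus its cryptographic device (holds the master key)."""
    def __init__(self):
        self._master = os.urandom(32)
    def new_data_key(self):
        raw, nonce = os.urandom(32), os.urandom(16)
        return raw, nonce + xor_stream(self._master, nonce, raw)  # (raw, wrapped)
    def unwrap(self, wrapped: bytes) -> bytes:
        return xor_stream(self._master, wrapped[:16], wrapped[16:])

class StorageController:
    """Does the bulk work; sees a raw data key only for one transfer."""
    def __init__(self):
        self.medium = {}      # location -> (wrapped key, nonce, ciphertext)
        self.raw_key = None
    def write(self, loc, raw_key, wrapped_key, raw_data):
        self.raw_key, nonce = raw_key, os.urandom(16)
        packed = zlib.compress(raw_data)           # compress while redundancy exists
        self.medium[loc] = (wrapped_key, nonce, xor_stream(self.raw_key, nonce, packed))
        self.raw_key = None                        # claim 9 step (f): erase the key
    def read(self, loc, raw_key):
        self.raw_key = raw_key
        _, nonce, ct = self.medium[loc]
        raw_data = zlib.decompress(xor_stream(self.raw_key, nonce, ct))
        self.raw_key = None                        # claim 14: erase after the read
        return raw_data

def round_trip(raw_data: bytes, loc: str = "track-0"):
    host, ctrl = Host(), StorageController()
    raw_key, wrapped = host.new_data_key()         # claim 9 (a)
    ctrl.write(loc, raw_key, wrapped, raw_data)    # claim 9 (b)-(f)
    stored = len(ctrl.medium[loc][2])
    fetched = ctrl.medium[loc][0]                  # claim 11 (a): wrapped key to host
    out = ctrl.read(loc, host.unwrap(fetched))     # claim 11 (b)-(e)
    return out, stored, ctrl.raw_key

def encrypt_then_compress_len(raw_data: bytes) -> int:
    # Wrong order: ciphertext has no redundancy left for zlib to remove.
    return len(zlib.compress(xor_stream(os.urandom(32), os.urandom(16), raw_data)))

SAMPLE = b"ACCOUNT 000123 BALANCE 0000.00\n" * 400    # constructed sample records
```

`round_trip(SAMPLE)` returns the recovered data, the stored ciphertext length and the controller's key slot after the read; comparing the stored length with `encrypt_then_compress_len(SAMPLE)` shows why the compression step has to come first.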

* * * * *